CLAIMS 



1. A framework for controlling access rights to digital content in a distributed information 
system comprising: 

first storage means for storing a reference to a user registered in said framework; 
second storage means for storing a reference to digital content registered for said user; 

and 

third storage means for storing a reference to a digital secure repository registered for said 
user, the digital secure repository containing storage means for storing a unique identifier and a 
reference to said digital content. 

2. The framework according to claim 1, further comprising: 

fourth storage means for storing a reference to a rendering device registered for said user. 

3. The framework according to claim 1, further comprising: 

a communication link for establishing communication to one or more of the set of said 
secure repository and said rendering device. 

4. The framework according to claim 1, wherein said secure repository further comprises 
storage means for storing a digital key for decrypting said digital content. 

5. The framework according to claim 1, wherein said secure repository further comprises 
storage means for storing a reference to a rendering device. 

6. The framework according to claim 1, wherein said secure repository further comprises 
storage means for storing content rights for said digital content. 

7. The framework according to claim 1, wherein said secure repository further comprises 
storage means for storing a reference to said user. 
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8. The framework according to claim 1, wherein said secure repository further comprises a 
communication link for establishing communication to one or more of the set of said framework 
and said rendering device. 

9. The framework according to claim 1, wherein the framework is realized as a set of web 
applications forming an Internet web site. 

10. An Internet web site offering a framework for controlling access rights to digital content 
in a distributed information system according to claim 1. 

11. A method for controlling access rights to digital content in a distributed information 
system comprising the steps of: 

registering a user with a framework for controlling access rights to digital content in said 
distributed information system; 

registering a digital secure repository registered for said user; and 
registering digital content registered for said user. 

12. The method according to claim 11, wherein registering a user further comprises the steps 
of: 

receiving a message from said user comprising a reference to said digital secure 
repository; 

validating said reference to said digital secure repository; and 
storing a reference to said user. 

1 3 . The method according to claim 1 1 , wherein registering a digital secure repository further 
comprises the steps of: 

receiving a message from said user comprising credentials of the user; 
validating said credentials; 

if the credentials are valid, issuing a new digital secure repository; and 

storing a reference to said issued digital secure repository and sending it to the user. 
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14. The method according to claim 1 1, wherein registering digital content further comprises 
the steps of: 

receiving a message from said user comprising an order request and a reference to the 
user's digital secure repository; 
validating said reference; 

if the reference is valid, performing purchase formalities; 

if all formalities are performed, encrypting the document encryption key associated with 
the requested digital content with the public key associated with said digital secure repository; and 

returning the encrypted document encryption key to the user and registering the purchased 
digital content for said user. 

15. The method according to claim 1 1, further comprising the step of registering a rendering 
device for said user. 

16. The method according to claim 15, wherein registering a rendering device further 
comprises the steps of: 

receiving a message from said user comprising credentials of the user and a reference to 
said rendering device to be registered; 
validating said credentials; 

if the credentials are valid, storing the reference of the rendering device associated with 
said user. 

17. A computer program product stored on a computer usable medium, comprising computer 
readable program means for causing a computer to perform a method according to claim 11. 

18. A method for rendering digital content on a rendering device comprising the steps of: 
receive a request for rendering digital content in a predetermined form; 

reading information about access rights granted; 



DE920010053US1 



33 



if access rights cover the requested form of rendering the digital content, getting a 
document encryption key encrypted with the public key associated with said rendering device; 

decrypting the document encryption key with the private key associated with said 
rendering device; 

decrypting said digital content with said document encryption key; and 
rendering said digital content in the requested form. 

19. The method for rendering digital content on a rendering device according to claim 18, 
wherein the step of getting a document encryption key further comprises the steps: 

determining from a storage device associated with said rendering device whether or not 
the digital content is bound to said rendering device and if yes receiving said document encryption 
key from said storage device. 

20. The method for rendering digital content on a rendering device according to claim 18, 
wherein the step of getting a document encryption key further comprises the step of receiving said 
document encryption key from a digital secure repository. 

21. The method for rendering digital content on a rendering device according to claim 18, 
wherein the step of reading from a digital secure repository further comprises the step of 
communicating with said digital secure repository over a communication link. 

22. The method for rendering digital content on a rendering device according to claim 18, 
wherein the step of reading from a digital secure repository further comprises the step of 
retrieving said digital secure repository from a storage device also keeping said digital content. 

23. The method for rendering digital content on a rendering device according to claim 18, 
wherein the step of decrypting said digital content further comprises the step of retrieving said 
digital content from a storage device. 
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24. The method for rendering digital content on a rendering device according to claim 1 8, 
wherein the step of decrypting said digital content further comprises the step of retrieving said 
digital content from over a communication link as downloaded or streaming data. 

5 25. A computer program product stored on a computer usable medium, comprising computer 
readable program means for causing a computer to perform a method according to claim 18. 

26. A method for binding digital content to a rendering device, the method comprising the 
following steps: 

10 establishing a connection from said rendering device to a digital secure repository; 

requesting from said digital secure repository digital content rights for specified digital 
content; 

ji if binding is allowed according to the rights stored in said digital secure repository, 

Jf receiving the respective document encryption key encrypted with the rendering device's public 
15 Hi key, and storing the encrypted key for later decrypting the respective digital content. 

" " 27. A computer program product stored on a computer usable medium, comprising computer 
readable program means for causing a computer to perform a method according to claim 26. 

20 X 28. A method for storing digital content from a rendering device onto a storage device, the 
^ method comprising the following steps: 

establishing a connection from said rendering device to a digital secure repository; 
requesting from said digital secure repository digital content rights for specified digital 
content; 

25 if storing is allowed according to the rights stored in said digital secure repository, 

receiving the respective document encryption key encrypted with the respective public key of all 
rendering devices registered in said digital secure repository, and storing the encrypted keys 
together with said encrypted digital content on said storage device. 
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29. A computer program product stored on a computer usable medium, comprising computer 
readable program means for causing a computer to perform a method according to claim 28. 
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